Security notes - security for the everyday person: Difference between revisions
Jump to navigation
Jump to search
mNo edit summary |
|||
(6 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
{{#addbodyclass:tag_tech}} | |||
{{#addbodyclass:tag_security}} | |||
{{SecurityRelated}} | {{SecurityRelated}} | ||
Line 66: | Line 68: | ||
tl;dr: | tl;dr: | ||
* if you think you'll lose it, and want to ensure that the next reboot people will have a ''hard'' time getting in, yes. | |||
* do not assume encrypted devices do much against law enforcement, | |||
:: in that in a lot of places, you are more or less ''required'' to give them access somehow, and your refusal will have implications | :: in that in a lot of places, you are more or less ''required'' to give them access somehow, and your refusal will have implications | ||
What makes more-mobile devices special is that they physically are ''usually'' in environments you can't trust | What makes more-mobile devices special compared to most others | ||
and unlike most other kinds of devices, not | is that they physically are ''usually'' in environments you can't trust | ||
{{comment|(and unlike most other kinds of devices, not taking them there ''defeats their point'' so people just ''will do that'')}}. | |||
Line 141: | Line 144: | ||
tl;dr: | tl;dr: | ||
: if you think it'll get stolen for the data on it, yes. | : if you think it'll get stolen for the data on it, yes. | ||
: if you like peace of mind, yes | : if you like the related peace of mind, yes | ||
: yet practically | : yet practically | ||
:: people don't generally take their PCs anywhere - LAN parties happen less than since the | :: people don't generally take their PCs anywhere - LAN parties happen... less than since the nineties | ||
:: even theft by non-interested people is not too much threat. Yes, they could poke around, but chances are that they or the next owner will just | :: even theft by non-interested people is not too much threat. Yes, they could poke around, but chances are that they or the next owner will just reinstall the thing. | ||
: keep in mind that encrypted devices does not do much against law enforcement, | : again, keep in mind that encrypted devices does not do much against law enforcement, | ||
:: in that in a lot of places, you are more or less ''required'' to give them access somehow, and your refusal will have implications. | :: in that in a lot of places, you are more or less ''required'' to give them access somehow, and your refusal will have implications. | ||
Footnotes: | |||
* "encrypt my PC" is usually variably used to mean | |||
:: "encrypt the system drive | |||
:: "encrypt user data" | |||
:: ...or other things | |||
* added disks would have to be separately encrypted | |||
--> | |||
==Is it important to encrypt my external drive?== | |||
<!-- | |||
If it's portable and you care about what happens when it gets stolen, yes. | |||
That said, | |||
* some of the solutions used by external disk are less secure than they could be | |||
* some of the solutions used by external disk are bad. | |||
* some of the implementations have been very flawed | |||
Also, there is a gliding scale of convenience, and threat modeling. | |||
Most are still good against casual theft, but if you are a person of interest, maybe double check. | |||
This isn't about how many bits the encryption has, it's where | |||
* the key is kept when it's off | |||
* where it's kept when it's on | |||
* the steps you need to do to have it become readable | |||
:: and its compatibility | |||
Say, if something is transparently encrypted -- it says it is but you never have to put in anything -- | |||
that often means that the drive is good within a specific computer - basically, it being in that computer | |||
means you get in automatically, and if people steal just the drive, chances are they will never get in. | |||
The thing is if that is a laptop, it's easier to steal the entire thing in the first place. | |||
Line 158: | Line 207: | ||
<!-- | <!-- | ||
For anything that really matters to you, it is likely worth it, because: | |||
* changes are higher that you will know about bad attempts | * changes are higher that you will know about bad attempts | ||
* changes are lower than someone will get in at all | * changes are lower than someone will get in at all | ||
There ''are'' footnotes to that. | |||
Line 484: | Line 530: | ||
And yes, some of that is technical, but a lot of it looks technical but ends up being a very practical thing | And yes, some of that is technical, but a lot of it looks technical but ends up being a very practical thing. | ||
There is a very real question that -- again -- comes down to [[threat modeling]]. | |||
: Is it that you are political and want to not get into shit? | : Is it that you are political and want to not get into shit? | ||
: Is it that actually want it to never be read? | : Is it that actually want it to never be read? |
Latest revision as of 00:20, 22 April 2024
Security related stuff.
Securing services
Unsorted - · Anonymization notes · website security notes · integrated security hardware · Glossary · unsorted |